Re: Fedora's way forward

On Sun, 2006-04-02 at 08:32 +0530, Rahul Sundaram wrote:
> As I understand it, what the OP claimed was that an exploited browser
> would automatically be able to install packages silently which is
> something SELinux should be able to prevent with appropriate policies in
> place. Making it easier for users to install packages is not a security
> issue at all as long as the privileges required to complete the
> operation don't change arbitrarily.
The way to deal with this is to check GPG keys. Don't install a package
unless the key checks out.

This leads to a chicken and egg problem. The GPG key is typically
installed by the repo release file. How do you get the repo RPM
installed? Put up a big fat warning before installing RPMs with
untrusted signatures? This is kind of like what Windows does these
days...

Or just sign third-party repos' keys with the Fedora key. I don't know
what Red Hat legal would think of that though.

Or just not install repos with an RPM. Do something special.

(Just some brainstorming)
